General

  • Target

    38e087fdb9c83b2cad8bee57db176c7a_JaffaCakes118

  • Size

    63KB

  • Sample

    240512-hy369shd33

  • MD5

    38e087fdb9c83b2cad8bee57db176c7a

  • SHA1

    df34bac62c5e72d43a60260e0dfd585a10cf2752

  • SHA256

    04b94dba59c5ac11f0b7906c7b6aaf8c5bffa1a12274b408848f068ee98aa36e

  • SHA512

    35ed4b339239b553ce3ba089ce7094eb50e830d7dbe02b5969eb4a1ebd7ac692a9264e71b5936aa9f2395e217eaec97984d85fd27f36964f1adf9b91a26d215b

  • SSDEEP

    1536:pe5j3wO2oo/VlDFnXcfcHEzVSK+drPZugAgiI988frK/esW:xO4/VlDFnXcfcHEgK2Dyv+K/e5

Targets

    • Target

      38e087fdb9c83b2cad8bee57db176c7a_JaffaCakes118

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Deletes itself

    • Loads dropped DLL

    • VMProtect packed file

      Detects executables packed with VMProtect commercial packer.

    • Modifies WinLogon

    • Drops file in System32 directory
